Bump jobserver from 0.1.22 to 0.1.25
Bumps [jobserver](https://github.com/alexcrichton/jobserver-rs) from 0.1.22 to 0.1.25.
<details>
<summary>Commits</summary>
<ul>
<li><a href="c9b5c79634"><code>c9b5c79</code></a> Bump to 0.1.25</li>
<li><a href="d7a5828540"><code>d7a5828</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/alexcrichton/jobserver-rs/issues/45">#45</a> from olofj/add-available</li>
<li><a href="cfae7ffaf5"><code>cfae7ff</code></a> Add <code>available</code> traits to find out how many client tokens are unused</li>
<li><a href="2c7fbf07bf"><code>2c7fbf0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/alexcrichton/jobserver-rs/issues/39">#39</a> from NobodyXu/optimize</li>
<li><a href="888d2d7be5"><code>888d2d7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/alexcrichton/jobserver-rs/issues/42">#42</a> from NobodyXu/fix/configure-make</li>
<li><a href="f049e25ab1"><code>f049e25</code></a> Rm unnecessary diff in <code>Client::mk</code></li>
<li><a href="a55f5f2031"><code>a55f5f2</code></a> Create a new fn <code>configure_make</code> to set <code>MFLAGS</code></li>
<li><a href="9c8de91c83"><code>9c8de91</code></a> Fix <code>configure</code>: Set <code>MAKEFLAGS</code> & <code>MFLAGS</code></li>
<li><a href="0a5230a0fe"><code>0a5230a</code></a> Refactor: Put all <code>set_nonblocking</code> into <code>new</code></li>
<li><a href="a66acbcd6c"><code>a66acbc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/alexcrichton/jobserver-rs/issues/41">#41</a> from NobodyXu/improve-doc</li>
<li>Additional commits viewable in <a href="https://github.com/alexcrichton/jobserver-rs/compare/0.1.22...0.1.25">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump percent-encoding from 2.1.0 to 2.2.0
Bumps [percent-encoding](https://github.com/servo/rust-url) from 2.1.0 to 2.2.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="1182d5d5b9"><code>1182d5d</code></a> Fix readme path</li>
<li><a href="fcf40eae55"><code>fcf40ea</code></a> Update toml to list bench path</li>
<li><a href="82ee0bd3cd"><code>82ee0bd</code></a> Bump url crate version to 2.2.0</li>
<li><a href="a46bec6e54"><code>a46bec6</code></a> chore: silence false positive clippy warning</li>
<li><a href="37460b4ab7"><code>37460b4</code></a> idna: deduplicate punycode test assertions</li>
<li><a href="b665da1b24"><code>b665da1</code></a> chore: pacify clippy some more</li>
<li><a href="9d8a8c5103"><code>9d8a8c5</code></a> chore: fix CI failures from clippy/MSRV</li>
<li><a href="bbfb2c0c79"><code>bbfb2c0</code></a> url: tweak code order in test module</li>
<li><a href="595624961f"><code>5956249</code></a> url: replace use of macros in data-driven tests</li>
<li><a href="c9ed907ed1"><code>c9ed907</code></a> url: remove usage of custom test framework</li>
<li>Additional commits viewable in <a href="https://github.com/servo/rust-url/compare/percent-encoding-v2.1.0...v2.2.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
`etc/shell.nix`: Add `AppKit` to `buildInputs` on Darwin
System framework dependencies need to be specified explicitly on Darwin.
Fixes a linker error when building Servo inside a Nix shell on macOS.
Signed-off-by: yvt <i@yvt.jp>
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
---
- [ ] There are tests for these changes OR
- [x] These changes do not require tests because they don't affect the production code
Bump openssl from 0.10.38 to 0.10.41
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.38 to 0.10.41.
<details>
<summary>Commits</summary>
<ul>
<li><a href="04aa578b8c"><code>04aa578</code></a> Release openssl v0.10.41</li>
<li><a href="6eb34eb73f"><code>6eb34eb</code></a> Release openssl-sys v0.9.75</li>
<li><a href="c81d34984e"><code>c81d349</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sfackler/rust-openssl/issues/1660">#1660</a> from sfackler/oss3-error-strs</li>
<li><a href="4d218d1fec"><code>4d218d1</code></a> statically link on windows</li>
<li><a href="61c042fd29"><code>61c042f</code></a> disable systest on windows</li>
<li><a href="48ce2336a1"><code>48ce233</code></a> add a test</li>
<li><a href="ed4eca695d"><code>ed4eca6</code></a> fix link</li>
<li><a href="c02e9dcd36"><code>c02e9dc</code></a> Fix use-after-free in 3.x error reporting</li>
<li><a href="047fb44e7c"><code>047fb44</code></a> Update ci.yml</li>
<li><a href="b2f85951aa"><code>b2f8595</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sfackler/rust-openssl/issues/1657">#1657</a> from John-K/custom_ecc_curve</li>
<li>Additional commits viewable in <a href="https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.38...openssl-v0.10.41">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump flume from 0.10.12 to 0.10.14
Bumps [flume](https://github.com/zesterer/flume) from 0.10.12 to 0.10.14.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/zesterer/flume/blob/master/CHANGELOG.md">flume's changelog</a>.</em></p>
<blockquote>
<h1>[0.10.14] - 2022-07-21</h1>
<h3>Fixed</h3>
<ul>
<li>Fixed unbounded memory usage in <code>RecvFut::poll_inner</code></li>
</ul>
<h1>[0.10.13] - 2022-06-10</h1>
<h3>Added</h3>
<ul>
<li><code>SendSink::sender</code>, to get the sender of a <code>SendSink</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/zesterer/flume/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump bit-set from 0.5.2 to 0.5.3
Bumps [bit-set](https://github.com/contain-rs/bit-set) from 0.5.2 to 0.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/contain-rs/bit-set/releases">bit-set's releases</a>.</em></p>
<blockquote>
<h2>v0.5.3</h2>
<ul>
<li>fixes shrink_to_fit bug</li>
<li>fixes ci</li>
<li>fmts</li>
<li>cleans up readme</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/contain-rs/bit-set/commits/v0.5.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump cssparser from 0.29.2 to 0.29.6
Bumps [cssparser](https://github.com/servo/rust-cssparser) from 0.29.2 to 0.29.6.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/servo/rust-cssparser/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump gif from 0.11.3 to 0.11.4
Bumps [gif](https://github.com/image-rs/image-gif) from 0.11.3 to 0.11.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/image-rs/image-gif/blob/master/Changes.md">gif's changelog</a>.</em></p>
<blockquote>
<h1>v0.11.4</h1>
<p>Bufixes:</p>
<ul>
<li>Fix decoding confusing superfluous image data from previous frames with
current frame data.</li>
<li>Bump minimum required version of <code>weezl</code>.</li>
</ul>
<p>Features:</p>
<ul>
<li>Add <code>Encoder::{get_ref, get_mut, into_inner}</code> to access underlying stream.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e070cfb4f4"><code>e070cfb</code></a> Release notes for version 0.11.4</li>
<li><a href="ed1d8d7799"><code>ed1d8d7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/image-rs/image-gif/issues/131">#131</a> from image-rs/issue-130-superfluous-data</li>
<li><a href="cb3b0e39e5"><code>cb3b0e3</code></a> Fix: stale data across next frame</li>
<li><a href="f05cd52226"><code>f05cd52</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/image-rs/image-gif/issues/127">#127</a> from jdm/patch-1</li>
<li><a href="a41613dfe7"><code>a41613d</code></a> Update minimum weezl version.</li>
<li><a href="0bd83c5ee4"><code>0bd83c5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/image-rs/image-gif/issues/126">#126</a> from andylizi/get-writer-ref</li>
<li><a href="e03205c4b3"><code>e03205c</code></a> Add warning for <code>Encoder::get_mut</code> docs</li>
<li><a href="39c2a017a4"><code>39c2a01</code></a> Add <code>Encoder::{get_ref, get_mut}</code></li>
<li><a href="94a26746cc"><code>94a2674</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/image-rs/image-gif/issues/124">#124</a> from andylizi/fix-tests-windows</li>
<li><a href="69da38496e"><code>69da384</code></a> Make tests work on Windows</li>
<li>Additional commits viewable in <a href="https://github.com/image-rs/image-gif/compare/v0.11.3...v0.11.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump spin from 0.9.2 to 0.9.4
Bumps [spin](https://github.com/mvdnes/spin-rs) from 0.9.2 to 0.9.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/mvdnes/spin-rs/blob/master/CHANGELOG.md">spin's changelog</a>.</em></p>
<blockquote>
<h1>[0.9.4] - 2022-07-14</h1>
<h3>Fixed</h3>
<ul>
<li>Fixed unsoundness in <code>RwLock</code> on reader overflow</li>
<li>Relaxed <code>Send</code>/<code>Sync</code> bounds for <code>SpinMutex</code> and <code>TicketMutex</code> (doesn't affect <code>Mutex</code> itself)</li>
</ul>
<h1>[0.9.3] - 2022-04-17</h1>
<h3>Added</h3>
<ul>
<li>Implemented <code>Default</code> for <code>Once</code></li>
<li><code>Once::try_call_once</code></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fixed bug that caused <code>Once::call_once</code> to incorrectly fail</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/mvdnes/spin-rs/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump smallvec from 1.8.0 to 1.9.0
Bumps [smallvec](https://github.com/servo/rust-smallvec) from 1.8.0 to 1.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/servo/rust-smallvec/releases">smallvec's releases</a>.</em></p>
<blockquote>
<h2>v1.9.0</h2>
<ul>
<li>Add <code>retain_mut</code> as an alias for <code>retain</code>, for compatibility with <code>std::vec::Vec</code> (<a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/283">#283</a>).</li>
</ul>
<h2>v1.8.1</h2>
<ul>
<li>Optimize inserts at the end of the vector (<a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/282">#282</a>).</li>
<li>Fix possible aliasing issues with raw pointers (<a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/277">#277</a>).</li>
<li>Fix format of license field in Cargo manifest (<a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/278">#278</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7fa951fd21"><code>7fa951f</code></a> Version 1.9.0</li>
<li><a href="e9c2f0a63f"><code>e9c2f0a</code></a> Add retain_mut method (as an alias to retain)</li>
<li><a href="4ce5e169e8"><code>4ce5e16</code></a> Version 1.8.1</li>
<li><a href="7f9e513712"><code>7f9e513</code></a> Add a benchmark for the insert case where <code>index == len</code>.</li>
<li><a href="b2335682bc"><code>b233568</code></a> Optimize <code>insert</code> for the case where <code>index == len</code>.</li>
<li><a href="bb8def466a"><code>bb8def4</code></a> Use SPDX license format (<a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/278">#278</a>)</li>
<li><a href="8363ea8925"><code>8363ea8</code></a> Auto merge of <a href="https://github-redirect.dependabot.com/servo/rust-smallvec/issues/277">#277</a> - saethlin:fix-aliasing, r=mbrubeck</li>
<li><a href="ecd69b9b2e"><code>ecd69b9</code></a></li>
<li><a href="b257aad239"><code>b257aad</code></a> Fix Miri complaints with -Zmiri-tag-raw-pointers</li>
<li>See full diff in <a href="https://github.com/servo/rust-smallvec/compare/v1.8.0...v1.9.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump rayon-core from 1.9.2 to 1.9.3
Bumps [rayon-core](https://github.com/rayon-rs/rayon) from 1.9.2 to 1.9.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rayon-rs/rayon/blob/master/RELEASES.md">rayon-core's changelog</a>.</em></p>
<blockquote>
<h1>Release rayon-core 1.9.3 (2022-05-13)</h1>
<ul>
<li>Fixed a use-after-free race in job notification.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="19bf11504b"><code>19bf115</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/934">#934</a></li>
<li><a href="9801de7293"><code>9801de7</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/933">#933</a></li>
<li><a href="a86656615b"><code>a866566</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/935">#935</a></li>
<li><a href="36bd58aa3d"><code>36bd58a</code></a> Convert delegate doctest to unit tests</li>
<li><a href="c2a0c516cc"><code>c2a0c51</code></a> Release rayon-core 1.9.3</li>
<li><a href="d1a0a60380"><code>d1a0a60</code></a> Be more explicit with Arc::clone</li>
<li><a href="baa405727f"><code>baa4057</code></a> Capture &Registry in SpinLatch::set, not &Arc<Registry></li>
<li><a href="23bcb624ac"><code>23bcb62</code></a> Rename probe method to _foo to avoid dead code warning</li>
<li><a href="9dc52d76b1"><code>9dc52d7</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/931">#931</a></li>
<li><a href="e633b1e927"><code>e633b1e</code></a> fix some typos</li>
<li>See full diff in <a href="https://github.com/rayon-rs/rayon/compare/rayon-core-v1.9.2...rayon-core-v1.9.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump image from 0.24.1 to 0.24.3
Bumps [image](https://github.com/image-rs/image) from 0.24.1 to 0.24.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/image-rs/image/blob/master/CHANGES.md">image's changelog</a>.</em></p>
<blockquote>
<h3>Version 0.24.3</h3>
<p>New Features:</p>
<ul>
<li><code>TiffDecoder</code> now supports setting resource limits.</li>
</ul>
<p>Bug fixes:</p>
<ul>
<li>Fix compile issues on little endian systems.</li>
<li>Various panics discovered by fuzzing.</li>
</ul>
<h3>Version 0.24.2</h3>
<p>Structural changes:</p>
<ul>
<li>CI now runs <code>cargo-deny</code>, checking dependent crates to an OSS license list
and against RUSTSEC advisories.</li>
</ul>
<p>New Features:</p>
<ul>
<li>The WebP decoder recognizes and decodes images with <code>VP8X</code> header.</li>
<li>The DDS decoder recognizes and decodes images with <code>DX10</code> headers.</li>
</ul>
<p>Bug fixes:</p>
<ul>
<li>Calling <code>DynamicImage</code>/<code>ImageBuffer</code>'s methods <code>write_to</code> and <code>save</code> will now
work properly even if the backing container is larger than the image layout
requires. Only the relevant slice of pixel data is passed to the encoder.</li>
<li>Fixed a OOM-panic caused by malformed images in the <code>gif</code> decoder.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/image-rs/image/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump inplace_it from 0.3.2 to 0.3.4
Bumps [inplace_it](https://github.com/NotIntMan/inplace_it) from 0.3.2 to 0.3.4.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/NotIntMan/inplace_it/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump libz-sys from 1.1.5 to 1.1.8
Bumps [libz-sys](https://github.com/rust-lang/libz-sys) from 1.1.5 to 1.1.8.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/rust-lang/libz-sys/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump cssparser from 0.29.0 to 0.29.2
Bumps [cssparser](https://github.com/servo/rust-cssparser) from 0.29.0 to 0.29.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/servo/rust-cssparser/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump rayon from 1.5.1 to 1.5.3
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.5.1 to 1.5.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rayon-rs/rayon/blob/master/RELEASES.md">rayon's changelog</a>.</em></p>
<blockquote>
<h1>Release rayon 1.5.3 (2022-05-13)</h1>
<ul>
<li>The new <code>ParallelSliceMut::par_sort_by_cached_key</code> is a stable sort that caches
the keys for each item -- a parallel version of <code>slice::sort_by_cached_key</code>.</li>
</ul>
<h1>Release rayon-core 1.9.3 (2022-05-13)</h1>
<ul>
<li>Fixed a use-after-free race in job notification.</li>
</ul>
<h1>Release rayon 1.5.2 / rayon-core 1.9.2 (2022-04-13)</h1>
<ul>
<li>The new <code>ParallelSlice::par_rchunks()</code> and <code>par_rchunks_exact()</code> iterate
slice chunks in reverse, aligned the against the end of the slice if the
length is not a perfect multiple of the chunk size. The new
<code>ParallelSliceMut::par_rchunks_mut()</code> and <code>par_rchunks_exact_mut()</code> are the
same for mutable slices.</li>
<li>The <code>ParallelIterator::try_*</code> methods now support <code>std::ops::ControlFlow</code> and
<code>std::task::Poll</code> items, mirroring the unstable <code>Try</code> implementations in the
standard library.</li>
<li>The <code>ParallelString</code> pattern-based methods now support <code>&[char]</code> patterns,
which match when any character in that slice is found in the string.</li>
<li>A soft limit is now enforced on the number of threads allowed in a single
thread pool, respecting internal bit limits that already existed. The current
maximum is publicly available from the new function <code>max_num_threads()</code>.</li>
<li>Fixed several Stacked Borrow and provenance issues found by <code>cargo miri</code>.</li>
</ul>
<h2>Contributors</h2>
<p>Thanks to all of the contributors for this release!</p>
<ul>
<li><a href="https://github.com/atouchet"><code>@atouchet</code></a></li>
<li><a href="https://github.com/bluss"><code>@bluss</code></a></li>
<li><a href="https://github.com/cuviper"><code>@cuviper</code></a></li>
<li><a href="https://github.com/fzyzcjy"><code>@fzyzcjy</code></a></li>
<li><a href="https://github.com/nyanzebra"><code>@nyanzebra</code></a></li>
<li><a href="https://github.com/paolobarbolini"><code>@paolobarbolini</code></a></li>
<li><a href="https://github.com/RReverser"><code>@RReverser</code></a></li>
<li><a href="https://github.com/saethlin"><code>@saethlin</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5b6adbbf5c"><code>5b6adbb</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/936">#936</a></li>
<li><a href="d0cf4d34f7"><code>d0cf4d3</code></a> Release rayon 1.5.3</li>
<li><a href="137be380f5"><code>137be38</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/932">#932</a></li>
<li><a href="19bf11504b"><code>19bf115</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/934">#934</a></li>
<li><a href="9801de7293"><code>9801de7</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/933">#933</a></li>
<li><a href="a86656615b"><code>a866566</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/935">#935</a></li>
<li><a href="36bd58aa3d"><code>36bd58a</code></a> Convert delegate doctest to unit tests</li>
<li><a href="c2a0c516cc"><code>c2a0c51</code></a> Release rayon-core 1.9.3</li>
<li><a href="d1a0a60380"><code>d1a0a60</code></a> Be more explicit with Arc::clone</li>
<li><a href="baa405727f"><code>baa4057</code></a> Capture &Registry in SpinLatch::set, not &Arc<Registry></li>
<li>Additional commits viewable in <a href="https://github.com/rayon-rs/rayon/compare/v1.5.1...v1.5.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Update to image 0.24.2, implement WebP support
<!-- Please describe your changes on the following line: -->
This PR updates image to 0.24.2 and implements WebP support. I've been watching the progress on image-rs's WebP implementation, and from what I've seen, the situation has changed from "can only decode the luma channel from lossy WebPs" to pretty much full support (with image 0.24.2 implementing support for the extended WebP format).
Here are screenshots of it viewing the WebP page's example:
<details>
<summary>Screenshots</summary>
Servo viewing the main WebP gallery:
Servo viewing a lossless example from WebP's Lossless and Alpha Demonstration:
Servo viewing a lossy-with-alpha example from WebP's Lossless and Alpha Demonstration
</details>
This also changes the package name from `piston_image` to simply `image`. It appeared to be a piece of legacy from ages ago which can be safely changed now.
(PS: I'm still pretty new at Rust, please let me know if I have done any mistakes in the process)
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#20045 (GitHub issue number if applicable)
<!-- Either: -->
- [X] There are tests for these changes OR
- [ ] These changes do not require tests because ___
<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Bump exr from 1.4.1 to 1.4.2
Bumps [exr](https://github.com/johannesvollmer/exrs) from 1.4.1 to 1.4.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/johannesvollmer/exrs/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Run WPT sync nightly on GitHub Action
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#28281
- [x] These changes do not require tests because it will add a GitHub Action to run wpt sync everyday
